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This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 
Claims 1-117 (Cancelled). 

Claim 118. (Currently Amended) A method for intrusion prevention associated with a 
communication attempt between a source node and a destination node managing 
e lectronic communications within a computer network, the olootronic communications 
compliant with Internet Protocol (IP) otandardo rcomprising ^ steps 0 f. 

after the construction of but before the sending of a data packet 
from the source node to the destination node as part of the communication 
attempt, intercepting the data packet at the source node: 

assigning one or more identifiers a uniquo identifier to the 
communication attempt, wherein the identifiers include a source nodo f the 
uniqu e id e ntifier id e ntifying at least one of a user identifier identification 
(UK>) and a system identifier i d e ntification (SID), wherein the UK) is 
associated with a specific a uthorized user of the source node who is 
identified as mitiatins the communication atte mpt and wherein the SID is 
* associated with computer hardware of the source node making the 
communication attempt aniquoly idontifios n - sponifiAj authorized meg ef 
th e souroonodo, whoroin tho SID is constant and - uniqu e ly idontifioo a 
specific computing dovic e of th e source nodo, and wher e in tho SID is not 
an IP address ooaignod to tho computing devioo ; 



inserting the one or more identifiers uniquo idontifior assigned to 
the communication attempt into a header of the data packet to create a 
modified data packet OOUroo nodo into an TP pnolrot nriginntftri h y&A 
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oouroo nodo as part of a communication att e mpt by th e sourc e nod e with a 
d o at inntion node ; and 

thereafter: 

intercepting the modified data S* packet tranomittod - by th e sourc e 
aede within the computer network after it has been sent by the source 
node but b efore it reaches the destination node; 

extracting the one or more identifiers u niqu e id e ntifi e r from the 
header of the modified data g * packet; and 

permitting the communication attempt by the source node with the 
destination node as a function of the one or more identifiers q ajqae 
id e ntifi e r extracted from the header of the modified data H* packet. 

Claim 119. (Currently amended) The method of claim 118, wherein the step of 
permitting the communication attempt by the source node with the destination node 
includes forwarding the modified datag packet to the destination node. 

Claim 120. (Currently amended) The method of claim 118, wherein the data a * packet is 
a SYN packet of a TCP/IP communication. 

Claim 121. (Currently amended) The method of clai m 118. wherein the SID is computed 
based on one or more constant ide ntifiers obtained from the computer hardware of the 
source node 120, whoroin tho uniqu e identifi e r is inoortod into a hoador of tho SYN 

puwKwLi 

Claim 122. (Currently amended) The method of claim 120 4^4-. wherein the one or more 
identifiers aokpi e id e ntifior is inserted into die TCP header of the SYN packe t to create 
the modified date packet . 
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Claim 123. (Currently amended) The method of claim 122, wherein the one or more 
identifiers uniquo idontifior is inserted into the sequence number field of the TCP header. 

Claim 124. (Currently amended) The method of claim 122, wherein the one or more 
identifiers uniqu e identifi e r is inserted into the acknowledgement number field of the 
TCP header. 

Claim 125. (Currently amended) The method of claim 118, wherein the data 5 * packet is 
a UDP packet that is part of a UDP communication and wherein the one or more 
identifiers uniquo idontifior is inserted into the UDP packet. 

Claim 126. (Original) The method of claim 118 further comprising the step of recording 
an unauthorized communication attempt from the source node. 

Claim 127. (Original) The method of claim 118 further comprising the step of notifying a 
network administrator of an unauthorized communication attempt from the source node. 

Claim 128. (Original) The method of claim 118 further comprising the step of logging the 
communication attempt from the source node to the destination node. 

Claim 129. (Currently amended) The method of claim 118 further comprising the step of 
encrypting the one or more identifiers unique identifier before inserting the one or more 
identifiers u niquo ido atiger into the data 5 * packet. 

Claim 130. (Currently amended) The method of claim 129 further comprising the step of 
decrypting the one or more identifiers uniquo idontifinr after intercepting the modified 
data 8* packet. 
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Claim 131 . (Currently amended) The method of claim 129, wherein the one or more 
identifiers uniqu e id e ntifi e r is encrypted using at least one transformation key. 

Claim 132. (Original) The method of claim 131, wherein the transformation key is 
selected dynamically from a table of transformation keys. 

Claim 133. (Currently amended) The method of claim 132, wherein each transformation 
key in the table has an associated key index number, and further comprising the step of 
including the key index number of the transformation key used to encrypt the one or 

more identifiers u niquo idontifior in the data 8 * packet. 

♦ 

Claim 134. (Currently amended) The method of claim 133 further comprising the steps of 
obtaining the key index number from the modified dataff * packet, identifying the 
transformation key associated with the key index number, and decrypting the one or more 
identifiers u nique identifier using the identified transformation key. 

Claim 135. (Currently amended) The method of claim 118, wherein the source node is 
permitted to communicate with the destination node if the one or more identifiers « mqm 
id e ntifi e r matches one of a plurality of authorized identifiers associated with the 
destination node. 

Claim 136. (Currently amended) The method of claim 118, wherein the one or more 
identifiers uniquo idontifior identifies both the UID and the SID and wherein the source 
node is permitted to communicate with the destination node if both the UID and the SID 
are authorized to communicate with the destination node. 

Claim 137. (Currently amended) The method of claim 118, wherein the source node is 
not permitted to communicate with the destination node if the one or more identifiers 
unique identifie s is not included within the modified data fP packet. 
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Claim 138. (Currently amended) The method of claim 118, wherein the step of p„ennitting 
the communication attempt is made based on receipt of a single modified data packet 
infi e rting - tho uniquo identifi e r of th e sourc e nod e into the IP packet dooo not roquiro any 
Guporfluoua IP pnokotQ to bo Gent -as- part of th e communication attemp t. 

Claim 139. (Cancelled). 
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Claim 140. (Currently amended) A method of monitoring an electronic communication 
communications between a source node and a destination node within a computer 
network, tho el e ctronic communications compliant with Internet Protocol (IP) [standards, 
comprising the steps of: 

after the construction of but before the sending of a data packet 
from the source node to the destination node as part of the electronic 
communication, intercepting the data packet at the source node; 

assigning one or more identifiers to the electronic communication: 

inserting the one or more identifiers assigned to the electronic 
communication into a header of the data packet to create a modified data 
packet: and thereafter 

intercepting the modified data packet within the computer network; 
after it has been sent by the sourc e node but before it reaches the 
destination node; 

assigning a uniquo andnon IP address identifier to tho source 



inserting th e id e ntifi e r assigned to tho source nod e into a otondard 

field of an IP paokot, tho IP packet being originatod by tho source nodo - a s 
part of an olootronio communication with tho^ootination ^eder 

i nt e rc e pting the IP paokot transmitted by tho source nodo boforo it 

reach e s tho dootinatioa - nodo; 
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extracting tho idontifior from tho IP packet; and 

extracting the one or more identifiers from the header of the 
modified data packet: and thereafter: 

logging the one or more identifiers identifier extracted from the 
header of the modified data £P-packet in a database; and 

forwarding the modified data ff-packet to the destination node. 

Claim 141 . (Currently amended) The method of claim 140 wherein the one or more 
identifiers include at least one of a user identifier (UJD) and a system identifier (STD^ 
wherein th e UID is associated with a specific authorized user of the source node who is 
identified as initiatin g the electronic communication and wherein the SID is associated 
with computer hardware of the source node initiating the electronic communication 
identifi e r id e ntifioo at loast ono of a user idontification (UID) and a system idontifiGatioB 
(SID), wherein tho UID uniquely identifier a spocifio, authorized usor of the souroo nodo 
and wh e rein tho SID is constant and uniquoly idontifioa a s pe cific computing dovioo of 
th e sourc e node . 

Claim 142. (Currently amended) The method of claim 141, wherein the one or more 
identifiers includes identifier identifies both the UID and the SID and further comprising 
the steps of comparing the UID with a plurality of authorized UIDs associated with the 
destination node, comparing the SID with a plurality of authorized SlDs associated with 
the destination node, and taking further action based on the comparisons. 

Claim 143. (Cancelled). 

Claim 144. (Currently amended) The method of claim 140, wherein the step of inserting 
the one or more identifiers into the hea der of the data packrt i4*ntifi«r i nm fee ^n nflnrd 
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fi e ld of th e IP pack e t includes adding the one or more identifiers idontifior - t o additional 
information already contained in the headgr _standard fi e ld . 

Claim 145. (Currently amended) The method of claim 140, wherein the step of inserting 
the one or more identifiers into the header of the data packet identifier into tho ctandard 
fi e ld of th e IP pack e t includes replacing information already contained in the header 
standard fi eld with the one or more identifiers i dentifier . 

Claim 146. (Currently amended) The method of claim 140, wherein the data 3* packet is 
a SYN packet of a TCP/IP communication. 

Claim 147. (Currently amended) The method of claim 141, wherein the SID is computed 
based on one or more constant identifiers obtained from the computer hardware of the 
source node 116. whoroin tho idontifior is insort e d into a head e r nfcrtm pviy peafeet . 

Claim 148. (Currently amended) The method of claim 146 44?. wherein the header is the 
TCP header of the SYN packet. 

Claim 149. (Currently amended) The method of claim 148, wherein the one or more 
identifiers i s inserted into standard fiold -i a the sequence number field of the TCP header. 

Claim 150. (Currently amended) The method of claim 148, wherein the one or more 
identifiers is inserted into ctandard field is the acknowledgement number field of the TCP 
header. 

Claim 151. (Currently amended) The method of claim 146.447, wherein the header is the 
IP header of the SYN packet 
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Claim 152. (Currently amended) The method of claim 140, wherein the data g packet is 
a UDP packet that is part of a HDP communication and wherein the one or more 
identifiers u niqu e id e ntifi e r is inserted into the UDP packet. 

Claim 153. (Currently amended) The method of claim 140 further comprising the step of 
encrypting the one or more identifiers uniquo idonrifior before inserting the one or more 
identifiers u niqu e identifier into the data W packet. 

Claim 154. (Currently amended) The method of claim 153 further comprising the step of 
decrypting the one or more identifiers u niquo idonrifior after intercepting the modified 
dataJQP packet. 

Claim 155. (Currently amended) The method of claim 153, wherein the one or more 
identifiers uniquo idonrifior is encrypted using at least one transformation key. 

Claim 1 56. (Original) The method of claim 155, wherein the transformation key is 
selected dynamically from a table of transformation keys. 

Claim 157. (Currently amended) The method of claim 156, wherein each transformation 
key in the table has an associated key index number, and further comprising the step of 
including the key index number of the transformation key used to encrypt the one or 
more identifiers u niquo identifier in the data 6 * packet 

Claim 1 58. (Currently amended) The method of claim 157 further comprising the steps of 
obtaining the key index number from the modified data fft packet, identifying the 
transformation key associated with the key index number, and decrypting the one or more 
identifiers u niquo idonrifior using the identified transfomiation key. 

Claim 159. (Currently amended) The method of claim 140 wherein the step of logging 
the one or mo r e identifiers i donrifior further comprises the step of logging a portion of the 
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electronic communication from the source node to the destination node in the database in 
association with the one or more identifiers i doBtifiog . 

Claim 160. (Currently amended) The method of claim 140 wherein the step of logging 
the one or more identifiers i d e n ti fi e r further comprises the step of logging the modified 
dataJ P packet from tho oouroo nodo to tho dofitiaation nod e in the database in association 
with the one or more identifiers i dentifier . 

Claim 161. (Original) The method of claim 140 further comprising the step of notifying a 
network administrator of the electronic communication from the source node to the 
destination node. 

Claim 162. (Currently amended) The method of claim 140 further comprising the step of 
comparing the one or more identifiers i dontifior with a plurality of authorized identifiers 
associated with the destination node. 
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